Re: [SQL] Re: create view security

Peter Eisentraut wrote:
> Wallingford, Ted writes:
>
> > I am using 6.3 in this case.
>
> I'm sorry but that is pre-historic era around here and no one really
> remembers what the problems might have been back then (other than that
> they were surely plenty). Upgrading might be your best bet on all fronts.

    You're wrong - I remember, not 100% sure, but good enough.

    Just  two  weeks  ago (funny - isn't it) I made a deal with a
    friend, exchanging this  old  486/33DLC,  8MB,  1GB  portable
    (640x480  gray  but  onboard  SCSI!)  with a planimeter (nice
    mechanic  tool  that  fit's  perfectly  into   my   sliderule
    collection  - that friend collects sliderules too so he knows
    how to get me :-).

    That old portable was the computer, most of the  rule  system
    fixes  for  v6.4 where developed on. I'm pretty sure that the
    Rule-Owner-Needs-Perm changes where part of it.

    The executor is doing a permisson check of  the  result-  and
    all  scan  relations  just before starting the execution. For
    v6.4 (or was THAT in 6.5 - dunno exactly) I  added  a  little
    flag  to  the  rangetable  entry that tells "this relation is
    accessed through a view and permissions are already checked".
    Since  then,  it  was  the rewriter that checked if the view-
    owner would have the permissions for all  relations  used  by
    the view.

    Anyway,  upgrading  IS  the best (if not the only) choice for
    him.


Jan

--

#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me.                                  #
#================================================== JanWieck@Yahoo.com #